Privacy Policy

Privacy Statement of Competent Adviser Ltd

Competent Adviser Ltd is a UK-registered company. Our contact details are set out at the bottom of this Privacy Policy.

We provide business services to the financial services community in general, including providers, intermediaries and third party suppliers. Our business services include online training and competence tools, training, compliance and strategic consultancy.

This Privacy Policy describes the products and services we provide and in particular, to visitors who register with our website at and/or

At Competent Adviser we respect the privacy of users of our services and our business clients and we are committed to protecting personal data. This statement sets out how we handle data that identifies individuals and about individuals’ rights and how the law protects you.

If you have questions or concerns regarding this statement, please contact us and we will endeavour to help.

The website is not intended for children and we do not knowingly collect data relating to children.

What products and services do we provide and how do we process personal data?

Once a user has been registered on our websites, these provide access to online training and competency tools. We also provide other products and services that are not delivered online including strategic and compliance consultancy and training. Personal data or personal information means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

The type of personal data that we might hold about users are: name, contact information (including email address), telephone numbers, and usage data (about how our services are used). If a user uses our training, software or consultancy services, we might also collect details of a users’ education and skills. We may also hold business information such as the name of a user’s employer, job title, employer’s address, email address, telephone and fax number. We do not collect any special category of personal data (including religious beliefs, political opinions, etc).

Our website collects personal data about users whose details are provided to us by those individual users or our client businesses, for the purposes of registering users for undertaking online training and use of our competency tools. We therefore process users’ personal data on behalf of our client businesses who wish users to undertake such online training and use our competency tools. Our client businesses are therefore the data controller of users’ personal data and we act as a data processor on their behalf. As a data processor of users’ information, we only process users’ personal data in accordance with instructions from the data controller. Details of an individual users’ records will therefore be kept within our platform which operates the website and will be shared only with the applicable client business that has provided us with a users’ personal data for processing on their behalf. Our website is operated by us and a users’ personal data will not be shared with any other third party, although we do use a separate hosting provider to host the website for us, which is based in the European Economic Area.

We store this data within our systems so that this is accessible by our client businesses, and in accordance with the instructions provided by them, which will also reflect the relevant regulatory authorities’ requirements for certain data retention. This is subject to users’ rights as a data subject, which our client businesses will confirm to users as the data controller.

We have an appointed a data protection officer who is our point of contact for data protection queries. They can be contacted by emailing

Hyperlinks to other web sites

Our website learning materials includes links to many third party web service providers including associations, bodies and non-governmental organisations, such as HMRC and the Financial Conduct Authority.

These links are provided to give visitors to our website access to as much information as possible. However, we are not responsible for the accuracy or efficacy of any of the information on those website, or the data protection or privacy policies and procedures contained within those third party websites. You will need to check those policies and terms of use of third party websites that you might visit to make sure you are happy with these before proceeding to use them.

Why do we collect information about you?

We collect information about you for the following purposes:

  • Technical administration of the web site
    To ensure that the online products and services that are available are delivered in the most effective way.
  • Customer administration
    To ensure that we maintain the highest levels of customer service when providing our products and services.
  • Research and development
    To develop new and improved existing Competent Adviser products and services, which we believe may be of interest to our clients and users.

If we were to use your personal data for a new purpose, we would let you know let you know what legal basis we were relying on to do this and where relevant, obtain your consent to do this.

We want to make sure that the personal information we hold is accurate and current. Please keep us informed (through the data controller client businesses) if your personal data changes whilst we hold this on their behalf.

Our approach to marketing

We do not market to individuals in a personal capacity, only businesses or people for the benefit of our services in a professional capacity.

Where we market to our client businesses, we do so on the basis that we have already provided you with services previously and we think other goods and services may be of interest to you, or where we haven’t provided such services to you, because we have a legitimate interest in promoting our business and we think this would be of benefit to you. However, where we have not provided you with services previously, we will obviously consider whether our contacting you about our services is in your best interests. Our most common marketing method is via email or telephone.

How do we collect your information?

We collect information about you in a number of ways:

  • Our business clients
    As mentioned above, our clients provide us with personal data (e.g. names and email addresses) about users of our website, so that we can provide our services. We therefore only process that personal data in accordance with the instructions of our clients, for the personal data that they have collected about users and provide to us under our contract with our clients.
  • Cookies
    Cookies are pieces of data created when you visit a website. The cookies our site uses are ‘session cookies’, which store your ‘preferences’ while you move around the site. You can set your computer not to accept cookies if you so wish. This will not in any way affect your ability to access the information on the site, but will prevent you logging into any of the personalised facilities and using the added functionality that the website offers.
    The website uses session cookies and log files to facilitate the smooth running of the site. It does not use cookies to collect any personal information about you except that required for system administration of our web server. Session cookies are deleted when you close your browser.
  • Log Files
    Log files allow us to record visitors’ use of our website. The system puts together log file information from all our visitors, which we may use to make changes to the layout of our website and to the information in it, based on the way that visitors move around it .
    Log files do not contain any personal information.

We only use personal data when the law allows us to and specifically where:

  • We are requested to process personal data on behalf of our data controller clients
  • We need to perform a contract entered into with users directly
  • We need to comply with a legal or regulatory obligation.

We do not transfer personal data outside of the European Economic Area.

We do not disclose personal data to other organisations. Where you may provide your personal data to us for us to contact you about our services, then we will contact you in the manner applicable to the type of contact information you have provided to us.

We will only use personal data that we hold for the purposes for which it was collected, unless required by law.

How do we keep your information confidential and secure?

We are committed to protecting the security of personal information. We use a variety of security technologies and procedures to help protect personal information from unauthorized access, use or disclosure. For example, we store personal information provided to us in computer servers with limited access that are located in controlled facilities.

We have implemented security policies, rules and technical measures to protect the personal data that we have under our control from:

  • Unauthorised access
  • Improper use or disclosure
  • Unauthorised modification
  • Unlawful destruction or accidental loss

All our employees and data processors that have access to, and are associated with the processing of personal data, are obliged to respect the confidentiality of our visitors’ personal data.

Your legal rights

Under certain circumstances, you have rights under data protection laws in relation to your personal data. Where we are acting as a data processor on behalf of our data controller clients, then you should contact that data controller to discuss your rights. However, where we hold information about individuals for whom we are the data controller, then you have the following rights:

  • Right of access to your personal data – this enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
  • Request correction of your personal data that we hold about you – any incomplete or inaccurate data we hold about you needs to be corrected, although we may need to verify the accuracy of the new data you provide to us.
  • Request erasure of your personal data – you can request for your personal data held by us to be deleted or removed where there is no good reason for us continuing to process it, or where you have successfully exercised your right to object to our processing your personal data, or where we have processed your personal data unlawfully or required to do so by applicable law
  • Object to processing of your personal data –where we are relying on a legitimate interest (or those of a third party) and there is something about the processing that you wish to object to, you can object if this impacts your fundamental rights or freedoms, however we may have compelling legitimate grounds to continue processing your information which override these. You can also object if we are processing your personal data for direct marketing purposes.
  • Request restriction of processing your personal data – you can ask us to suspend the processing of your personal data if you want us to establish the data’s accuracy, where the use of the personal data is no longer lawful and you want us to erase it, where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims, or you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
  • Request transfer of your personal data to you or a third party – we will provide you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format, where the information is automated which you initially provided consent for us to use or where we have used this information to perform a contract with you.
  • Right to withdraw consent (where we are relying on consent to process your personal data) – however, this will not affect the lawfulness of processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain services to you. We will advise you if this is the case at the time you indicate that you wish to withdraw your consent.

If we act as the data controller and if you wish to exercise any of the rights set out above, then please contact us on the details set out below.

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

We may need to request specific information from you to help us to confirm your identity and ensure your right to access your personal data (or exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response. We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

If you have an enquiry or concern about our Privacy Policy, in the first instance please contact us on the details below. If, after discussing your enquiry or concern, you are not satisfied with the response, you may wish to contact:

The Information Commissioner Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF, UK

Changes to this Privacy Policy

This version of our Privacy Policy was last updated on 22nd May 2018. Any updates to this Privacy Policy will be posted on our website and you should check the Privacy Policy on our website from time to time.

Our contact details

Competent Adviser Limited:

  • Please send me updates on Financial Services legislation.